Salt Typhoon Uses Citrix Flaw in Global Cyber-Attack
A cyber intrusion by China-linked group Salt Typhoon has been observed targeting global infrastructure via DLL sideloading.
A cyber intrusion linked to the China-based group Salt Typhoon has been identified by cybersecurity researchers, involving the exploitation of a Citrix NetScaler Gateway vulnerability.
The operation, observed by Darktrace, involved advanced methods such as DLL sideloading and zero-day exploits – known techniques the group uses to infiltrate systems while avoiding standard detection measures.
Salt Typhoon, also known as Earth Estries, GhostEmperor and UNC2286, has been active since at least 2019.
The group is associated with a series of high-impact cyber campaigns directed at critical sectors, including:
- telecommunications
- energy
- government systems
across more than 80 countries.
While the United States has been a frequent target, recent activity shows a broader reach across Europe, the Middle East and Africa.
Author's summary: Salt Typhoon targets global infrastructure via Citrix flaw.
More News
- Watch 'Conclave' thriller at De Valence!
- Internet services cut for hours by Amazon cloud outage
- AFM and Marche du Film teaming on innovation forum and AI sessions
- Who Killed the Montreal Expos? Review: Vive les Expos! - POV Magazine
- The lion of Zion has awakened - Israel Today
- Reform in turmoil: Party forced to suspend 4 more Kent councillors after bitter infighting
- Watch the NBA on ABC: See the 2025-2026 Season Schedule | ABC Updates
- Best Apple TV Original Shows of 2025
- Colman Domingo Is the Cowardly Lion in 'Wicked: For Good'
- REM line to Montreal's North Shore to begin Nov. 17, adding 14 new stations